On Sat, Apr 07, 2012 at 07:36:56PM +0100, Dale Amon wrote:
On Sat, Apr 07, 2012 at 11:23:40AM -0400, Sam Smith wrote:
here's what they say about FOSS
https://spideroak.com/engineering_matters#open_source
note that Canonical has cloud stuff that is not open source. Some companies
On Sun, Apr 08, 2012 at 11:55:25AM +0800, John McCabe-Dansted wrote:
LastPass may be secure today, but it is trivially easy for LastPass
(or a hypothetical attacker who gains access to LastPass's
infrastructure) to compromise that security simply by replacing the
javascript code which does
To: smick...@hotmail.com
CC: ubuntu-devel-discuss@lists.ubuntu.com
Subject: Re: Ubuntu One needs cloud encryption like LastPass does it
On Thu, Apr 05, 2012 at 06:42:23PM -0400, Sam Smith wrote:
The point is that SpiderOak (and Lastpass) never know the user's password.
And never receive
On Sat, Apr 07, 2012 at 11:23:40AM -0400, Sam Smith wrote:
here's what they say about FOSS
https://spideroak.com/engineering_matters#open_source
note that Canonical has cloud stuff that is not open source. Some companies
apparently can't remain competitive if everything is open sourced.
LastPass may be secure today, but it is trivially easy for LastPass
(or a hypothetical attacker who gains access to LastPass's
infrastructure) to compromise that security simply by replacing the
javascript code which does the client side encryption and decryption
with some code that also
On Wed, Apr 04, 2012 at 07:55:09PM -0400, Sam Smith wrote:
I use SpiderOak because it offers client-side encryption. It provides the
security privacy I seek.
I'd prefer to use Ubuntu One, but until it supports client-side AES 256-bit
encryption additionally encrypts the decryption key
On Thu, Apr 5, 2012 at 8:18 AM, Dale Amon a...@vnl.com wrote:
On Wed, Apr 04, 2012 at 07:55:09PM -0400, Sam Smith wrote:
I use SpiderOak because it offers client-side encryption. It provides the
security privacy I seek.
I'd prefer to use Ubuntu One, but until it supports client-side AES
On Thu, Apr 05, 2012 at 11:32:33AM -0500, Jordon Bedwell wrote:
On Thu, Apr 5, 2012 at 8:18 AM, Dale Amon a...@vnl.com wrote:
Encrypting the encryption key has nothing to do with security, you
I agree.
dedicated crypto hardware. Then you have to re-upload all that data
again, wasting their
access the data anytime they want. If Apple
can access the data, a rogue employee and a hacker can potentially access the
data.
Date: Thu, 5 Apr 2012 11:32:33 -0500
Subject: Re: Ubuntu One needs cloud encryption like LastPass does it
From: jor...@envygeeks.com
To: a...@vnl.com
CC: smick
On Thu, Apr 05, 2012 at 06:42:23PM -0400, Sam Smith wrote:
The point is that SpiderOak (and Lastpass) never know the user's password.
And never receive the encryption key. The key never leaves the user's
computer. The server never gets it. The only thing that ever lands on the
server is
On Thu, Apr 5, 2012 at 5:42 PM, Sam Smith smick...@hotmail.com wrote:
The point is that SpiderOak (and Lastpass) never know the user's password.
And never receive the encryption key. The key never leaves the user's
computer. The server never gets it. The only thing that ever lands on the
I would not be so harsh on these companies. They
are very quietly *told* that they will comply
with the will of certain agencies. Or else. And
they are not allowed to tell their customers. Or
else... But they are trying to sell security. So
what are they going to do? They are going to
do a
On 04/05/2012 01:33 PM, Jordon Bedwell wrote:
On Thu, Apr 5, 2012 at 5:42 PM, Sam Smithsmick...@hotmail.com wrote:
The point is that SpiderOak (and Lastpass) never know the user's password.
And never receive the encryption key. The key never leaves the user's
computer. The server never gets
Six statements rather... I added the other two
initial ones as I thought more deeply on it.
--
Ubuntu-devel-discuss mailing list
Ubuntu-devel-discuss@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
On Thu, 2012-04-05 at 18:33 -0500, Jordon Bedwell wrote:
On Thu, Apr 5, 2012 at 5:42 PM, Sam Smith smick...@hotmail.com wrote:
The point is that SpiderOak (and Lastpass) never know the user's password.
And never receive the encryption key. The key never leaves the user's
computer. The
On Fri, 2012-04-06 at 01:41 +0100, Dale Amon wrote:
I do not know the details, so I will ask: is it the case that:
All we can know for sure is the way the system is DOCUMENTED to work, as
I said in my other email.
* The user crypto key is generated on the
the user machine.
Yes.
On Thu, Apr 05, 2012 at 09:18:37PM -0400, Paul Smith wrote:
I'm sure that they felt that forcing you to keep both the passphrase AND
the crypto key yourself was simply not a commercially viable solution
for the general public. It would be nice if they offered an option
(with appropriate
: jtodd...@hotmail.com
To: m...@funkyhat.org; ubuntu-devel-discuss@lists.ubuntu.com
Subject: RE: Ubuntu One needs cloud encryption like LastPass does it
Date: Sat, 24 Mar 2012 08:57:19 -0400
Even assuming this is true, why is it still not a good idea for Ubuntu One to
implement the same
Even assuming this is true, why is it still not a good idea for Ubuntu One to
implement the same encryption setup of the user having the only key.
From: m...@funkyhat.org
Date: Sat, 24 Mar 2012 02:00:20 +
Subject: Re: Ubuntu One needs cloud encryption like LastPass does it
To: jtodd
not prevent any of the things you seem to think it does.
From: be...@ubuntu.com
Date: Thu, 22 Mar 2012 16:32:09 -0300
Subject: Re: Ubuntu One needs cloud encryption like LastPass does it
To: jtodd...@hotmail.com
CC: ubuntu-devel-discuss@lists.ubuntu.com
On Thu, Mar 22, 2012 at 3:41 PM
On Fri, Mar 23, 2012 at 3:34 PM, Sam Smith smick...@hotmail.com wrote:
Using secure encryption that occurs on the computer before it leaves for the
cloud does not prevent any of the things you seem to think it does.
Of course it does, if it's encrypted, and only you can access it, then
it
On Fri, Mar 23, 2012 at 1:34 PM, Sam Smith smick...@hotmail.com wrote:
Everything you said, you can do with LastPass: make it more convenient,
access your files from anywhere (including the website), stream your own
music, share your files
Using secure encryption that occurs on the computer
the data except the user.
Date: Fri, 23 Mar 2012 18:25:04 -0500
Subject: Re: Ubuntu One needs cloud encryption like LastPass does it
From: jor...@envygeeks.com
To: smick...@hotmail.com
CC: ubuntu-devel-discuss@lists.ubuntu.com
On Fri, Mar 23, 2012 at 1:34 PM, Sam Smith smick...@hotmail.com
On Thu, Mar 22, 2012 at 3:41 PM, Jason Todd jtodd...@hotmail.com wrote:
I wanted to leave a note expressing my hopes that if Ubuntu One ever gets
encryption capabilities, that the encryption be implemented in the same way
that LASTPASS does it (http://lastpass.com). Which is that the data is
...but then you wouldn't be able to interact with your data beyond
your own computers.
Ubuntu One's focus is to make it more convenient, access your files
from anywhere (including the website), stream your own music, share
your files, and well, more to come in that direction.
For photos,
On Thu, Mar 22, 2012 at 6:38 PM, Martin Pool m...@canonical.com wrote:
...but then you wouldn't be able to interact with your data beyond
your own computers.
Ubuntu One's focus is to make it more convenient, access your files
from anywhere (including the website), stream your own music, share
26 matches
Mail list logo